AMENDMENTS TO THE CLAIMS 

Claims remaining in the application are as follows: 

1. (Canceled) 

2. (Currently Amended): A method for on-line Personal Identification Number (PIN) verification [[according to Claim 1 further]] comprising:

initializing a smart card with an entity-selected PIN hidden in a polynomial over a finite field, an initialization polynomial being a function of the PIN, an entity-identifier, and a random number;
discarding the random number and the PIN after smart card initialization;
generating an ephemeral transaction polynomial using the smart card at an entity-activated terminal with an entity-entered PIN' enabling recovery from a polynomial over a finite field, the ephemeral transaction polynomial being a function of the entity-entered PIN', the entity-identifier, and a second random number;
sending a function of the ephemeral transaction polynomial and a difference between the second random number and a function of the PIN' and the secret function to a host; and
discarding the second random number.

3. (Original): The method according to Claim 2 further comprising:

verifying that the PIN is equivalent to the PIN' based on a relationship among the entity-identifier and a function of the initialization polynomial received from the on-line authorization system and the difference and function of the verification polynomial.

4. (Original): The method according to Claim 2 further comprising:

encrypting the function of the initialization polynomial prior to sending to the on-line authorization system; and
encrypting the function of the verification polynomial prior to sending to the host.
5. (Currently Amended): A [[The]] method for on-line Personal Identification Number (PIN) verification [[according to Claim 1 further]] comprising:

initializing a smart card with an entity-selected PIN hidden in a polynomial over a finite field, an initialization polynomial being a function of the PIN, an entity-identifier, and a random number;
discarding the random number and the PIN after smart card initialization; and
hiding the entity-selected PIN in a polynomial over a finite field of the form:

$$y = a_0 + \sum_{i=1}^{n} a_i\, x^i \pmod{P},$$

where P is a large prime number.

6. (Currently Amended): A [[The]] method for on-line Personal Identification Number (PIN) verification [[according to Claim 1 further]] comprising:

initializing a smart card with an entity-selected PIN hidden in a polynomial over a finite field, an initialization polynomial being a function of the PIN, an entity-identifier, and a random number;
discarding the random number and the PIN after smart card initialization;
receiving on the smart card a large prime integer P, an entity-identifier x, and the entity-selected PIN;
generating on the smart card a random number a_r between a lower limit L and the large prime integer P;
computing a polynomial:

$$y_r = a_0 + \sum_{i=1}^{n} a_{ri}\, x^i \pmod{P},$$

encrypting value y_r as encryption function E_K[y_r];
sending the encryption function E_K[y_r] to the on-line authorization system;
computing on the smart card at least one value:

$$z_i = \mathrm{PIN}^{-1} \cdot a_{ri} \pmod{P};$$

retaining the at least one value z_i on the smart card; and
erasing the random number a_r and the PIN from the smart card.
7. (Original): The method according to Claim 6 further comprising:

storing on the on-line authorization system the entity-identifier x and a reference cryptogram E_KBD[E_K[y_r]] where KBD is a database key.

8. (Original): The method according to Claim 6 further comprising:

receiving at the smart card the entity-entered PIN' via an entity-activated terminal;
generating on the smart card a random number a_t between a lower limit L and the large prime integer P;
computing at the smart card a polynomial:

$$y_t = \mathrm{PIN}' + \sum_{i=1}^{n} a_{ti}\, x^i \pmod{P};$$

a value:

$$a_r' = \mathrm{PIN}' \cdot z_i \pmod{P};$$

and a difference d = a_r' - a_t;
erasing the random number a_t from the smart card;
encrypting the value y_t and the difference value d at the smart card as encryption function E_KC[d, y_t] under a transmission key KC;
sending the encryption function E_KC[d, y_t] to the host.

9. (Original): The method according to Claim 8 further comprising:

receiving at the host the encryption function E_KC[d, y_t]; and
verifying the PIN' is equal to the PIN on condition that:

$$d \cdot x = y_r - y_t \pmod{P}.$$
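The condition of Claim 9, written out for a degree-n polynomial with the quantities the card computes in Claims 6 and 8 (the claim states it for the product d·x; the sum over i is its form when d and x carry n coefficients, and the constant term a_0 of the reference polynomial is taken to be the PIN, as Claims 18 and 25 write it). This derivation is added here as a check and is not part of the claim listing:

$$a'_{ri} = \mathrm{PIN}'\, z_i = \mathrm{PIN}'\,\mathrm{PIN}^{-1}\, a_{ri} \pmod{P},$$

$$y_t + \sum_{i=1}^{n} d_i\, x^i
  = \mathrm{PIN}' + \sum_{i=1}^{n} a_{ti}\, x^i + \sum_{i=1}^{n} \bigl(a'_{ri} - a_{ti}\bigr)\, x^i
  = \mathrm{PIN}' + \mathrm{PIN}'\,\mathrm{PIN}^{-1} \sum_{i=1}^{n} a_{ri}\, x^i
  = \mathrm{PIN}'\,\mathrm{PIN}^{-1}\, y_r \pmod{P}.$$

Hence $\sum_{i} d_i x^i \equiv y_r - y_t \pmod{P}$ holds exactly when $\mathrm{PIN}' \equiv \mathrm{PIN} \pmod{P}$, provided $y_r \not\equiv 0$, which for random $a_{ri}$ fails only with probability about $1/P$. The host decides this from the stored point $y_r$ and the received pair $(d, y_t)$ alone; neither $a_r$, $a_t$ nor either PIN reaches it.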

10. (Currently Amended): The method according to Claim [[1]] 8 wherein:

information sent from the smart card to the host is sufficient to verify the PIN although insufficient for reconstructing the PIN.

11. (Currently Amended): The method according to Claim [[1]] 8 wherein:

for an individual account corresponding to the entity-identifier x, the host maintains a single point on a curve represented by a reference polynomial so that the information stored on the host is insufficient to reconstruct the polynomial and recover the PIN.

12. (Currently Amended): The method according to Claim [[1]] 8 wherein:

the smart card creates an irreversible form of the entity-entered PIN' that probabilistically differs on every transaction and probabilistically differs from any reference information on the host.

13. (Currently Amended): A [[The]] method for on-line Personal Identification Number (PIN) verification [[according to Claim 1 further]] comprising:

initializing a smart card with an entity-selected PIN hidden in a polynomial over a finite field, an initialization polynomial being a function of the PIN, an entity-identifier, and a random number; and
discarding the random number and the PIN after smart card initialization, wherein the smart card creates a probabilistically different random and ephemeral polynomial on every transaction and operates on only one point from the polynomial with the polynomial coefficients erased after every usage and restricted from transmission to the host.
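The enrollment, transaction and host-verification steps of Claims 6, 8 and 9 (which are also the card-side and host-side operations recited in Claims 18, 24, 29 and 30), carried out in Python as an added worked example. It is not part of this claim listing and not the applicant's implementation. It keeps the arithmetic of the claims and leaves out the encryption wrappers E_K, E_KBD and E_KC, which protect the values in storage and transit but do not enter the verification relation. The modulus P = 2^61 - 1, the lower limit L = 2^40, the degree n = 2, the entity-identifier and the PIN values are assumptions chosen for the example; the difference d is reduced modulo P, which the claims leave implicit. The last function illustrates Claims 10 and 11 for a degree-1 reference polynomial: the single point y_r the host holds is consistent with every candidate PIN, so it cannot be inverted to the PIN.

```python
import secrets

# Assumed parameters for this example (the claims fix none of them):
P = 2**61 - 1   # "large prime integer P": a Mersenne prime
L = 2**40       # "lower limit L" for the random coefficients
N = 2           # degree n of the polynomial


def rand_coeffs(n=N):
    """Random coefficients a_1..a_n, each drawn from [L, P) as in Claims 6 and 8."""
    return [L + secrets.randbelow(P - L) for _ in range(n)]


def poly_eval(a0, coeffs, x):
    """y = a_0 + sum_{i=1..n} a_i * x^i (mod P): the polynomial form of Claim 5."""
    return (a0 + sum(a * pow(x, i, P) for i, a in enumerate(coeffs, 1))) % P


def enroll(pin, x, coeffs=None):
    """Card-side enrollment (Claim 6).

    Returns (y_r, z): y_r goes to the on-line authorization system, which
    Claim 7 stores (encrypted) as the reference point; z_i = PIN^-1 * a_ri
    stays on the card.  PIN and a_r are not returned, i.e. they are erased.
    """
    if pin % P == 0:
        raise ValueError("PIN has no inverse modulo P")
    a_r = rand_coeffs() if coeffs is None else coeffs
    y_r = poly_eval(pin % P, a_r, x)          # constant term a_0 = PIN
    pin_inv = pow(pin, -1, P)
    z = [(pin_inv * a) % P for a in a_r]
    return y_r, z


def transact(pin_entered, x, z):
    """Card-side transaction (Claim 8) with the entered PIN'.

    A fresh ephemeral a_t is drawn, y_t = PIN' + sum a_ti x^i is computed,
    a_r' = PIN' * z_i equals a_r only if PIN' == PIN, and d = a_r' - a_t
    (reduced mod P, an assumption) is released; a_t is dropped on return.
    """
    a_t = rand_coeffs(len(z))
    y_t = poly_eval(pin_entered % P, a_t, x)
    a_r_prime = [(pin_entered * zi) % P for zi in z]
    d = [(ap - at) % P for ap, at in zip(a_r_prime, a_t)]
    return d, y_t


def verify(x, y_r, d, y_t):
    """Host-side check (Claim 9): sum_i d_i x^i == y_r - y_t (mod P).

    The host uses only the stored point y_r and the received (d, y_t); it
    never sees a_r, a_t or either PIN.
    """
    lhs = sum(di * pow(x, i, P) for i, di in enumerate(d, 1)) % P
    return lhs == (y_r - y_t) % P


def coefficient_for_guess(y_r, x, guess):
    """Claims 10/11, degree-1 case: for any guessed PIN there is a slope a with
    guess + a*x == y_r (mod P), so the single point y_r does not single out
    the PIN actually used.  Requires x invertible mod P."""
    return ((y_r - guess) * pow(x, -1, P)) % P


if __name__ == "__main__":
    x = 123456789               # assumed entity-identifier
    y_r, z = enroll(1234, x)    # assumed entity-selected PIN
    print("correct PIN accepted:", verify(x, y_r, *transact(1234, x, z)))
    print("wrong PIN rejected:  ", not verify(x, y_r, *transact(4321, x, z)))
    d1, y1 = transact(1234, x, z)
    d2, y2 = transact(1234, x, z)
    print("ephemeral values differ per transaction:", (d1, y1) != (d2, y2))
```

Each call to transact draws a fresh a_t, so the same PIN' produces a different (d, y_t) pair on every run, which is the behaviour Claims 12 and 13 describe; the card retains only the z_i and never transmits a_r, a_t or the polynomial coefficients.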

14. (Currently Amended): The method according to Claim [[4]] 13 wherein:

the Personal Identification Number (PIN) is selected from among members of a group consisting of identification numbers, passwords, biometric data, fingerprints, retinal scans, electrical body signals, and pictorial images.

15. (Original): A data security apparatus comprising:

a smart card capable of on-line Personal Identification Number (PIN) verification comprising:
an interface capable of communicating with an on-line authorization system and/or a host;
a processor coupled to the interface; and
a memory coupled to the processor and having a computable readable program code embodied therein that executes enrollment and transaction operations for on-line PIN verification based on hiding an entity-selected PIN in an ephemeral polynomial over a finite field.

16. (Original): The apparatus according to Claim 15 wherein the memory further comprises:

a computable readable program code capable of causing the processor to hide the entity-selected PIN in a polynomial over a finite field of the form:

$$y = a_0 + \sum_{i=1}^{n} a_i\, x^i \pmod{P},$$

where P is a large prime number.

17. (Original): The apparatus according to Claim 15 wherein:

the smart card sends information to the host that is sufficient to verify the PIN although insufficient for reconstructing the PIN.

18. (Original): The apparatus according to Claim 15 wherein the memory further comprises:

a computable readable program code capable of causing the processor to receive a large prime integer P, an entity-identifier x, and the entity-selected PIN;
a computable readable program code capable of causing the processor to generate on the smart card a random number a_r between a lower limit L and the large prime integer P;
a computable readable program code capable of causing the processor to compute a polynomial:

$$y_r = \mathrm{PIN} + \sum_{i=1}^{n} a_{ri}\, x^i \pmod{P};$$

a computable readable program code capable of causing the processor to encrypt value y_r as encryption function E_K[y_r];
a computable readable program code capable of causing the processor to send the encryption function E_K[y_r] to the on-line authorization system;
a computable readable program code capable of causing the processor to compute on the smart card at least one value:

$$z_i = \mathrm{PIN}^{-1} \cdot a_{ri} \pmod{P};$$

a computable readable program code capable of causing the processor to retain the at least one value z_i on the smart card; and
a computable readable program code capable of causing the processor to erase the random number a_r and the PIN from the smart card.

19. (Original): The apparatus according to Claim 15 wherein the memory further comprises:

a computable readable program code capable of causing the processor to initialize a smart card with an entity-selected PIN hidden in a reference polynomial over a finite field, the reference polynomial being a function of the PIN, an entity-identifier, and a random number;
a computable readable program code capable of causing the processor to send the entity-identifier and a function of the reference polynomial to an on-line authorization system for enrollment;
a computable readable program code capable of causing the processor to retain a secret function of the random number and inverse of the PIN on the smart card; and
a computable readable program code capable of causing the processor to discard the random number and the PIN.

20. (Original): The apparatus according to Claim 19 wherein the memory further comprises:

a computable readable program code capable of causing the processor to receive an entity-entered PIN' via an entity-activated terminal, enabling recovery from a polynomial over a finite field;
a computable readable program code capable of causing the processor to compute an ephemeral transaction polynomial as a function of the entity-entered PIN', the entity-identifier, and a second random number;
a computable readable program code capable of causing the processor to send to a host a function of the ephemeral transaction polynomial, the host being capable of verifying that PIN is equivalent to PIN' at the host based on a relationship among the entity-identifier, a function of the reference polynomial, and the function of the ephemeral transaction polynomial; and
a computable readable program code capable of causing the processor to discard the second random number.

PAGE 9/18 * RCVD AT 12/15/2005 6:31:49 PM [Eastern Standard Time] * SVR:USPTO-EFXRF-6/24 * DNIS:2738300 * CSID:9492510260 * DURATION (mm-ss):04-58
12/15/2005 16:38 FAX 9492510260 KOESTNER BERTANI LLP, MacArthur Blvd., Irvine, CA 92612

21. (Original): The apparatus according to Claim 20 wherein:

the smart card creates an irreversible form of the entered PIN' that probabilistically differs on every transaction and probabilistically differs from any reference information on the host.

22. (Original): The apparatus according to Claim 20 wherein:

the smart card creates a probabilistically different random and ephemeral polynomial on every transaction and operates on only one point from the polynomial with the polynomial coefficients erased after every usage and restricted from transmission to the host.

23. (Original): The apparatus according to Claim 20 wherein the memory further comprises:

a computable readable program code capable of causing the processor to encrypt the function of the reference polynomial prior to sending to the on-line authorization system; and
a computable readable program code capable of causing the processor to encrypt the function of the ephemeral transaction polynomial prior to sending to the host.

24. (Original): The apparatus according to Claim 20 wherein the memory further comprises:

a computable readable program code capable of causing the processor to receive the entity-entered PIN' via an entity-activated terminal;
a computable readable program code capable of causing the processor to generate on the smart card a random number a_t between a lower limit L and the large prime integer P;





a computable readable program code capable of causing the processor to compute at the smart card a polynomial:

$$y_t = \mathrm{PIN}' + \sum_{i=1}^{n} a_{ti}\, x^i \pmod{P};$$

a value:

$$a_r' = \mathrm{PIN}' \cdot z_i \pmod{P};$$

and a difference d = a_r' - a_t;
a computable readable program code capable of causing the processor to erase the random number a_t from the smart card;
a computable readable program code capable of causing the processor to encrypt the value y_t and the difference d as encryption function E_KC[d, y_t] under a transmission key KC;
a computable readable program code capable of causing the processor to send the encryption function E_KC[d, y_t] to the host.

25. (Original): A data security apparatus comprising:

an enrollment terminal for usage with an on-line host authorization system comprising:
a communication interface capable of communicating with a network, a user interface, and a smart card interface configured to accept a smart card that executes initialization and transaction operations for on-line Personal Identification Number (PIN) verification based on hiding an entity-selected PIN in an ephemeral transaction polynomial over a finite field;
a processor coupled to the communication interface; and
a memory coupled to the processor and having a computable readable program code embodied therein capable of causing the processor to supply to the smart card a modulus P, an entity-identifier x, and a reference Personal Identification Number (PIN) for smart card computation of a reference polynomial of the form:

$$y_r = \mathrm{PIN} + \sum_{i=1}^{n} a_{ri}\, x^i \pmod{P},$$

and having a computable readable program code capable of causing the processor to transfer from the smart card to a host the entity-identifier x and a function of the reference polynomial y_r.

26. (Original): The apparatus according to Claim 25 further comprising:

a computable readable program code capable of causing the processor to encrypt the reference polynomial to a reference cryptogram.

27. (Original): The apparatus according to Claim 25 wherein:

the smart card sends and the on-line host authorization system stores information that is sufficient to verify the PIN although insufficient for reconstructing the PIN.

28. (Original): The apparatus according to Claim 25 wherein:

the on-line host authorization system receives from the smart card an encrypted reference polynomial function.

29. (Original): A data security apparatus comprising:

a host system capable of on-line Personal Identification Number (PIN) verification comprising:
a communication interface capable of communicating with a terminal configured to accept a smart card that executes enrollment and transaction operations for on-line PIN verification based on hiding an entity-selected transaction PIN' in an ephemeral polynomial over a finite field;
a host database capable of storing enrollment information for a plurality of enrolled smart cards;
a processor coupled to the communication interface and the host database; and
a memory coupled to the processor and having a computable readable program code embodied therein capable of causing the processor to receive from a transacting smart card information relating to a point on a curve generated from a polynomial hiding an entered transaction PIN' and compare the smart card information to database information relating to a point on a curve generated from a reference polynomial hiding a reference PIN.

30. (Original): The apparatus according to Claim 29 wherein the memory further comprises:

a computable readable program code capable of causing the processor to receive an ephemeral transaction polynomial function from the smart card, receive an entity-identifier and reference polynomial function from the host database, and perform a comparison operation verifying that the reference PIN is equivalent to the transaction PIN' at the host based on a relationship among the entity-identifier, a function of the reference polynomial, and the function of the ephemeral transaction polynomial.

31. (Original): The apparatus according to Claim 29 wherein:

neither the host system nor the smart card have sufficient information to reconstruct the entity-selected PIN but do have sufficient information to verify that the correct PIN' is entered.

32. (Original): The apparatus according to Claim 29 wherein:

the reference polynomial function and the ephemeral transaction polynomial function are polynomials of the form:

$$y = a_0 + \sum_{i=1}^{n} a_i\, x^i \pmod{P},$$

where P is a large prime number.

33. (Original): The apparatus according to Claim 29 wherein:

information sent from the smart card to the host system is sufficient to verify the PIN although insufficient for reconstructing the PIN.

34. (Original): The apparatus according to Claim 29 wherein:

for an individual account corresponding to the entity-identifier, the host system maintains a single point on a curve represented by a reference polynomial so that the information stored on the host system is insufficient to reconstruct the polynomial and recover the PIN.

35. (Original): The apparatus according to Claim 29 wherein:

the smart card creates an irreversible form of an entered PIN that probabilistically differs on every transaction and probabilistically differs from any reference information on the host system.

36. (Original): The apparatus according to Claim 29 wherein:

the smart card creates a probabilistically different random and ephemeral polynomial on every transaction and operates on only one point from the polynomial with the polynomial coefficients erased after every usage and restricted from transmission to the host system.

37. (Original): A transaction system comprising:

a network;
a plurality of servers and/or hosts coupled to the network;
a plurality of on-line terminals coupled to the servers via the network;
a plurality of smart cards enrolled in the transaction system and capable of insertion into the on-line terminals and performing transactions via the servers; and
a plurality of processors distributed among the smart cards, the servers, and/or the on-line terminals, at least one of the processors being capable of executing enrollment and transaction operations for on-line PIN verification based on hiding an entity-selected PIN in an ephemeral polynomial over a finite field.

38. (Original): The transaction system according to Claim 37 wherein at least one of the processors can execute a method for on-line Personal Identification Number (PIN) verification comprising:

initializing a smart card with an entity-selected PIN hidden in a polynomial over a finite field, a reference polynomial being a function of the PIN, an entity-identifier, and a random number; and
discarding the random number and the PIN after smart card initialization.

39. (Original): The transaction system according to Claim 38 wherein the method for on-line Personal Identification Number (PIN) verification further comprises:

generating an ephemeral transaction polynomial using the smart card at an entity-activated terminal with an entity-entered PIN' enabling recovery from a polynomial over a finite field, the ephemeral transaction polynomial being a function of the entity-entered PIN', the entity-identifier, and a second random number;
sending a function of the ephemeral transaction polynomial and the difference between the second random number and a function of the PIN' and the secret function to a host; and
discarding the second random number.

40. (Original): The transaction system according to Claim 39 wherein the method for on-line Personal Identification Number (PIN) verification further comprises:

verifying that the reference PIN is equivalent to the transaction PIN' at the host based on a relationship among the entity-identifier, a function of the reference polynomial, and the function of the ephemeral transaction polynomial.

41. (Original): A transaction system comprising:

means for verifying a Personal Identification Number (PIN);
means for initializing a smart card with an entity-selected PIN hidden in a polynomial over a finite field, a reference polynomial being a function of the PIN, an entity-identifier, and a random number;
means for sending the entity-identifier and a function of the reference polynomial to an on-line authorization system for enrollment;
means for retaining a secret function of the random number and inverse of the PIN on the smart card; and
means for discarding the random number and the PIN.

42. (New): The method according to Claim 6 wherein:

the Personal Identification Number (PIN) is selected from among members of a group consisting of identification numbers, passwords, biometric data, fingerprints, retinal scans, electrical body signals, and pictorial images.